aboutsummaryrefslogtreecommitdiff
path: root/modules/sasl
diff options
context:
space:
mode:
authorGravatar jesopo2019-02-06 21:49:24 +0000
committerGravatar jesopo2019-02-06 21:49:24 +0000
commitbffd43648d9018a6e1cc861553b29c0a3501099e (patch)
tree002eed4d4f10ac37b1429b8019f8ed532c02b8ad /modules/sasl
parentRemove pointless local salted_password variable (sasl.scram) (diff)
signature
uuid.uuid4() is not random enough for a nonce (sasl.scram)
Diffstat (limited to 'modules/sasl')
-rw-r--r--modules/sasl/scram.py4
1 files changed, 2 insertions, 2 deletions
diff --git a/modules/sasl/scram.py b/modules/sasl/scram.py
index 8e5bb1fd..f73f39a4 100644
--- a/modules/sasl/scram.py
+++ b/modules/sasl/scram.py
@@ -1,7 +1,7 @@
-import base64, enum, hashlib, hmac, typing, uuid
+import base64, enum, hashlib, hmac, os, typing
def _scram_nonce() -> bytes:
- return uuid.uuid4().hex.encode("utf8")
+ return base64.b64encode(os.urandom(32))
def _scram_escape(s: bytes) -> bytes:
return s.replace(b"=", b"=3D").replace(b",", b"=2C")
def _scram_unescape(s: bytes) -> bytes:
generated by cgit v1.3.1-10-gc9f91 (git 2.54.0) at 2026-06-11 23:13:52 +0000